Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


03:12 PM
Jim Manico
Jim Manico
Connect Directly

Cookie-Cutter Security Doesn't Work: Report

It's all well and good to be concerned about information security and data breaches, but a one-size-fits-all approach may not be the best way to go.

It's all well and good to be concerned about information security and data breaches, but a one-size-fits-all approach may not be the best way to go.According to a report from the Verizon Business Risk Team (PDF), risk varies depending on your business' specific industry in terms of sources for attacks and their level of sophistication. Verizon analyzed four verticals and found:

1. Financial services: 56% of breaches came from outside of the organization, 41% from third parties (business partners), and 38% from inside of the organization.

2. High-tech services: 55% of breaches came from outside of the organization, 39% from inside of the organization, and 18% from third parties.

3. Retail: 84% of breaches came from outside of the organization, 36% from third parties, and 11% from inside of the organization.

4. Food and beverage: 80% of breaches came from outside the organization, 70% from third parties, and 4% from inside the organization.

The numbers within each vertical add up to more than 100 because many breaches involve multiple sources, the study explains, which goes on to point out that the tech services category was the only one that faced a bigger threat from within than from business partners: "It stands to reason that organizations in this industry likely employ a high percentage of tech-savvy staff and grant them high levels of access to numerous systems. Unfortunately, some find that access to sensitive and valuable resources is a temptation too hard to resist. Facing similar temptations, insiders in the Financial Services industry were behind a large proportion of breaches as well." Along the same lines, the most sophisticated of attacks are happening within the tech and financial services markets, though a bird's eye view of all four markets points to low-difficulty attacks being the culprit at the majority of firms. Another finding: how widespread errors (mostly indirect) contribute to systems being compromised. Hacking was also a major culprit, though in financial services deceit and misuse (using granted resources and/or privileges for any unauthorized purpose) was cited more frequently.

The report breaks down plenty more info, including how attackers are getting in, what kinds of information they're after (three words: payment card data), and the life cycle of a breach. Granted, there's much to take in, but the drilldown exercise that Verizon performed is one you should do for your business as well.

According to Bryan Sartin, a contributor to the report who also spoke with Dark Reading, employing a generic risk calculation, such as the likelihood of insider threats, may be a mistake unless industry-specific factors are accounted for. Although there are many studies and calculators that discuss trends in security attacks, very few of them break their data down by industry, and that breakdown may be crucial to accurately calculating risk in a particular enterprise, he added.


Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Another COVID-19 Side Effect: Rising Nation-State Cyber Activity
Stephen Ward, VP, ThreatConnect,  7/1/2020
Lessons from COVID-19 Cyberattacks: Where Do We Go Next?
Derek Manky, Chief of Security Insights and Global Threat Alliances, FortiGuard Labs,  7/2/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-07-07
An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to change the admin password.
PUBLISHED: 2020-07-07
Victor CMS through 2019-02-28 allows XSS via the register.php user_firstname or user_lastname field.
PUBLISHED: 2020-07-07
A memory leak in Openthread's wpantund versions up to commit 0e5d1601febb869f583e944785e5685c6c747be7, when used in an environment where wpanctl is directly interfacing with the control driver (eg: debug environments) can allow an attacker to crash the service (DoS). We recommend updating, or to res...
PUBLISHED: 2020-07-07
Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack.
PUBLISHED: 2020-07-07
A SQLi exists in the probe code of all Connectwise Automate versions before 2020.7 or 2019.12. A SQL Injection in the probe implementation to save data to a custom table exists due to inadequate server side validation. As the code creates dynamic SQL for the insert statement and utilizes the user su...